4 Nov
2011
4 Nov
'11
14:20
Hi Everyone, Last night, we received an alert of a possible XSS or iFrame injection issue somewhere on www.opensuse.org or one of the wikis. We temporarily redirected the site and wikis to a maintenance page for about an hour while we assessed the risk and impact of the alert. After learning a little more, we felt that it was not a legitimate alert, and we brought the site back up. I am still waiting on a full report, so that we can figure out what to do for a long term solution. As a precaution, I am working on an immediate upgrade path to the latest version of Mediawiki and its plugins. I will also be working on upgrading Apache to 2.2.21 on the www and wiki servers. -Matt